Glossary

Health Information Exchange Glossary

Here are some common terms anddefinitions used in HIEs, healthcare interfacing, HL7 and interoperability terminology.

Please use the Contact Form to send health information exchange and regional extension center definitions that I missed.

A | B | C | D | E | F | G | H | I | J | K | L | M| N | O | P | Q | R | S | T | U | V | W | X | Y | Z

A

Abstract Model

The basis of the Direct Project’s technical specifications, the abstract model provides a common framework for stakeholders to investigate Direct standards and services

Accountable Care Organization

An Accountable Care Organization (ACO), according to the Centers for Medicare & Medicaid Services (CMS) “is an organization of health care providers that agrees to be accountable for the quality, cost, and overall care of Medicare beneficiaries who are enrolled in the traditional fee-for-service program who are assigned to it.” Under the health care reform legislation passed in March 2010, the Medicare program is authorized to contract with ACOs.

An accountable care organization (ACO) is a type of payment and delivery reform model that seeks to tie provider reimbursements to quality metrics and reductions in the total cost of care for an assigned population of patients. A group of coordinated health care providers form an ACO, which then provides care to a group of patients. The ACO may use a range of payment models (capitation, fee-for-service with asymmetric or symmetric shared savings, etc.). The ACO is accountable to the patients and the third-party payer for the quality, appropriateness, and efficiency of the health care provided. According to the Centers for Medicare and Medicaid Services (CMS), an ACO is “an organization of health care providers that agrees to be accountable for the quality, cost, and overall care of Medicare beneficiaries who are enrolled in the traditional fee-for-service program who are assigned to it.”

Administrative Safeguards

Administrative actions, and policies and procedures to manage the selection, development, implementation and maintenance of security measures to protect electronic health information and to manage the conduct of the covered entity’s workforce in relation to the protection of that information.

AHCA

Agency for Health Care Administration (State of Florida)

AHRQ

Agency for Healthcare Research and Quality (Federal Health and Human Services Department)

ANSI (American National Standards Institute)

A broad based agency charged with overseeing voluntary standards development for everything from computers to household products. ANSI accredits standards development organizations (SDO) based on their consensus process, then reviews and officially approves the SDO recommendations.

Architecture

The orderly arrangement of parts; structure.

ASP (Application Service Provider)

Application service provider is remote software that you access through a web browser. Instead of installing megabytes of software on your local C drive, you simply rent the use of some ASP software that exists elsewhere on the Internet. You never really own ASP software, you borrow it for a fee.

ARRA

American Recovery and Reinvestment Act of 2009 (ARRA) is an economic stimulus package enacted by the 111th United States Congress in February 2009 to provide a stimulus to the U.S. economy in the wake of the economic downturn. The Act includes federal tax cuts, expansion of unemployment benefits and other social welfare provisions, and domestic spending in education, health care, and infrastructure, including the energy sector. In included in the ARRA legislation is a HITECH provision focused on health information technology adoption and funding.

ASTM (American Society for Testing and Materials)

American Society for Testing and Materials develops standards on characteristics and performance of materials, products, systems, and services. There are numerous standards-writing technical committees. E31 is the Committee on Computerized Systems and E31.28 is the subcommittee on Healthcare Informatics responsible for the Continuity of Care (CCR) standard.

Asymmetric Key System

A system that uses different keys for encryption and decryption. Within such a system, it is computationally infeasible to determine the decryption key (which is kept private) from the encryption key (which is made publicly available).

Attribute

A characteristic or property.

Audit Trail

Chronological record of system activity, which enables the reconstruction of information regarding the creation, distribution, modification, and deletion of data.

Authentication

Verification of the identity of a person or process.

Authorization

The role or set of permissions for information system activity assigned to an individual.

B

BAA

Business Associate Agreement
Beacon Community

A grant program sponsored by the Office of the National Coordinator for Health IT (ONC) for communities to build and strengthen their existing health information technology infrastructure and exchange capabilities. These communities demonstrate the vision of a future where hospitals, clinicians, and patients are meaningful users of health IT and together the community achieves measurable improvements in health care quality, safety, efficiency, and population health.

Biometric Authentication Technology

Technology that uses some human biological feature (e.g. fingerprint, voice pattern, retina scan, or signature dynamics) to uniquely identify an individual.

BioSense Initiative

BioSense is a Centers for Disease Control and Prevention (CDC) initiative to support enhanced biosurveillance, early detection, quantification, and localization of possible biologic terrorism attacks and other events of public health concern on a national level. The goals of the BioSense initiative are to advance early detection by providing the standards, infrastructure, and data acquisition for near real-time reporting, analytic evaluation and implementation, and early event detection support for state and local public health officials.

Biosurveillance

While there is no commonly accepted definition of biosurveillance, it typically refers to automated monitoring of existing health data sources to identify trends that may indicate naturally occurring or intentional disease outbreaks. Such data may supplement traditional surveillance and disease reporting methods.

Blue Button

The Blue Button initiative was first introduced by the VA, and subsequently began being promoted by many healthcare vendors. VA’s Blue Button allows a patient to access and download their information from a personal health record (PHR) into a very simple text file or PDF that can be read, printed, or saved on any computer. This enables patients to share this data with their health care providers, caregivers, or other people they trust.

The downloaded format is not in an industry standard format, such as CCD or CCR, which makes it less interoperable from an EHR-to-EHR sharing standpoint. The downloaded file is more targeted for human viewing and sharing.

Bundled payments

Payments are referred to as bundled when the unit of payment includes multiple individual services. For instance, hospitals receive a single bundled payment from Medicare for each discharge; that payment covers all of the services provided by the hospital during the stay, including nursing, room and board, operating room fees, and so on. In general, bundled payments offer providers an incentive to reduce the costs of the services within each component of the bundle and to increase the efficiency with which they provide medical care.

back to the top

C

CCHIT – Certification Commission for Healthcare IT

CCHIT serves as the recognized US certification authority for electronic health records (EHR) and their networks. In September 2005, CCHIT was awarded a 3-year contract by the U.S. Department of Health and Human Services to develop and evaluate the certification criteria and inspection process for EHRs and the networks through which they interoperate. CCHIT serves one of the ONC-ATCB for electronic health record (EHR) certification. CCHIT was certified by the ONC on September 3, 2010 and is authorized to certify complete EHR and EHR modules Visit the CCHIT website.

CCOW – Clinical Context Object Workgroup

CCOW is an HL7 standard protocol designed to enable disparate applications to synchronize in real-time and at the user-interface level. It is vendor independent and allows applications to present information at the desktop and/or portal level in a unified way. Visit HL7 CCOW website.

CDR – Clinical Document Repository

CDR enables hospitals to build a life-long health record environment using stored health records for the purpose of better treatment, clinical research and health statistics for policy making.

CCD – Continuity of Care Document

The HL7 CCD is the result of a collaborative effort between the Health Level Seven and American Society for Testing Materials (ASTM) to “harmonize” the data format between ASTM’s Continuity of Care Record (CCR) and HL7’s Clinical Document Architecture (CDA) specifications. Read HL7 and Continuity of Care Document white paper.

The Continuity of Care Document (CCD) specification is an XML-based markup standard intended to specify the encoding, structure and semantics of a patient summary clinical document for exchange. The CCD specification is a constraint on the HL7 Clinical Document Architecture (CDA) standard. The patient summary contains a core data set of the most relevant administrative, demographic, and clinical information facts about a patient’s healthcare, covering one or more healthcare encounters. It provides a means for one healthcare practitioner, system, or setting to aggregate all of the pertinent data about a patient and forward it to another practitioner, system, or setting to support the continuity of care. Its primary use case is to provide a snapshot in time containing the pertinent clinical, demographic, and administrative data for a specific patient.

CCR – Continuity of Care Record

CCR is an XML-based standard for the movement of “documents” between clinical applications. Furthermore, it responds to the need to organize and make transportable a set of basic information about a patient’s health care that is accessible to clinicians and patients. Read Understanding the Continuity of Care Record white paper.

A standard specification being developed jointly by ASTM International, the Massachusetts Medical Society (MMS), the Health Information Management and Systems Society (HIMSS), the American Academy of Family Physic ian s (AAFP), and the American Academy of Pediatrics. It is intended to foster and improve continuity of patient care, to reduce medical errors, and to assure at least a minimum standard of health information transportability when a patient is referred or transferred to, or is otherwise seen by, another provider.

CDA – Clinical Document Architecture

HL7 CDA uses XML for encoding of the documents and breaks down the document in generic, unnamed, and non-templated sections. Documents can include discharge summaries, progress notes, history and physical reports, prior lab results, etc. HL7’s CDA defines a very generic structure for delivering “any document” between systems. CDA was previously known as the Patient Record Architecture (PRA).

A HL7 standard for the representation and machine processing of clinical documents in a way which makes the documents both human readable and machine processable, and guarantees preservation of the content by using the eXtensible Markup Language (XML) standard. . It is a useful an intuitive approach to management of documents which make up a large part of the clinical information processing arena.

CDSS

Clinical Decision Support

CHPL – Certified Health IT Product List

The Office of the National Coordinator has organized a Certified Health IT Product List for Ambulatory and Inpatient facilities looking to purchase a complete EHR or EHR module certified for the Meaningful Use incentive program. Each complete EHR and EHR module listed has been certified by an ONC-ATCB and reported to the ONC for use in the list. You can find a list of the reported certified complete EHR and EHR modules at http://onc-chpl.force.com/ehrcert.

Certification Authority (CA)

The entity providing third party trust within Public Key Infrastructure (PKI). A certificate authority (CA) is an authority in a network that issues and manages security credentials and public keys for message encryption. As part of a public key infrastructure (PKI), a CA checks with a registration authority (RA) to verify information provided by the requestor of a digital certificate. If the RA verifies the requestor’s information, the CA can then issue a certificate. Depending on the public key infrastructure implementation, the certificate includes the owner’s public key, the expiration date of the certificate, the owner’s name, and other information about the public key owner.vi See also: registration authority, digital certificate, public key infrastructure.

Certification criteria

Certification of Health IT products will provide assurance to purchasers and other users that an EHR system, or other relevant technology, offers the necessary technological capability, functionality, and security to help them meet the meaningful use criteria established for a given phase. Providers and patients must be confident that the electronic health IT products and systems they use are secure, can maintain data confidentiality and can work with other systems to share information. Confidence in health IT systems is an important part of advancing health IT system adoption and allowing for the realization of the benefits of improved patient care.vii Certification criteria are determined by regulations led by ONC.

Certification/Conformance Testing

Testing of a product for the existence of specific features, functions, or characteristics required by a standard in order to determine the extent to which that product satisfies the standard requirements.

Clinical Classification

A method of grouping clinical concepts in order to represent classes that support the generation of indicators of health status and health statistics.

Clinical Data Repository

The data warehouse that contains clinical data (HL7 messages) centrally.

Clinical Messaging

The communication among providers involved in the care process that can range from real time communication (for example, fulfillment of an injection while the patient is in the exam room), to asynchronous communication (for example, consult reports between physicians).

Clinical Reminders (Clinical Guideline Prompts)

The ability to remind clinicians to consider certain actions at a particular point in time, such as prompts to ask the patient appropriate preventive medicine questions, notifications that ordered tests have not produced results when expected, and suggestions for certain therapeutic actions, such as giving a tetanus shot if one has not been given for 10 years.

Clinical User Authentication

The process used by the HIE to determine the identity of the person accessing the system with adequate certainty to maintain security and confidentiality of personal health information and to administer with certainty of identity a regulated process such as e-prescribing and chart signing.

CMS

Centers for Medicare and Medicaid Services

Common Control

An entity has the power, directly or indirectly, significantly to influence or direct the actions or policies of another entity.

Common Ownership

An entity or entities possess an ownership or equity interest of 5 percent or more in another entity.

Compliance Date

The date by which a covered entity must comply with a standard, implementation specification, requirement, or modification adopted under this subchapter.

Computerized Provider Order Entry (CPOE)

A computer application that allows a physician’s orders for diagnostic and treatment services (such as medications, laboratory, and other tests) to be entered electronically instead of being recorded on order sheets or prescription pads. The computer compares the order against standards for dosing, checks for allergies or interactions with other medications, and warns the physician about potential problems.

Confidentiality

Data or information is not made available or disclosed to unauthorized persons or processes.

Conformance Checking

Conformance checking or gap analysis for HL7 messages is a logical process used to determine whether a message from one particular medical device or application is compatible to the selected HL7 standard messaging format, or a custom format adopted by another device or application. Read Conformance Checking for HL7 white paper for more details. Conformance is usually defined as testing to see if an implementation faithfully meets the requirements of a standard or specification. There are many types of technical testing available, including testing for performance, robustness, behavior, functions and interoperability. Although conformance testing may include some of these kinds of tests, it has one fundamental difference — the requirements or criteria for conformance must be specified in the standard or specification.

CONNECT

CONNECT is an open source software stack and community that implements health exchange specifications. CONNECT enables secure electronic health data exchange among healthcare providers, insurers, government agencies and consumer services. CONNECT was originally developed by the Federal Health Architecture to provide a common and compliant gateway to connect federal agencies to the Nationwide Health Information Network Exchange and was released for open source use in 2009. The CONNECT roadmap also includes support for the Direct specifications, which will allow any organization using CONNECT to implement the Direct specifications.

Controlled Clinical Vocabulary

A system of standardizing the terms used in describing client-centered health and health service-related concepts.

Conversion Services

Consulting services offered by the vendor. These services will take your original data, either in paper or electronic form, and transfer the data into the EHR system database.

Covered Entity

A health plan, a health care clearinghouse or a health care provider who transmits any health information in electronic form in connection with a transaction.

Covered Functions

Functions of a covered entity the performance of which makes the entity a health plan, health care provider, or health care clearinghouse.

Critical Access Hospital

In general, a Critical Access Hospital or CAH is a rural acute care hospital consisting of no more than 25 beds. Bed types can vary between acute care and swing, but cannot exceed 25. The Critical Access Hospital must not exceed a 96 hour length of stay and will have agreements, contracts or affiliations for transfer and services. Critical Access Hospitals must be certified to receive cost-based reimbursement from Medicare. The goal is to improve rural health care access and reduce hospital closures. Learn more at the Rural Access Center.

back to the top

D

Data Aggregation

Combining protected health information to permit data analyses that relate to the health care operations of the respective covered entities.

Data Center

The physical space and hardware used by the HIE to house its operations if these assets are kept within the HIE.

Data Integrity

The accuracy and completeness of data, to be maintained by appropriate security measures and controls. Preservation of the original quality and accuracy of data, in written or in electronic form.

Data Recovery Services

A mechanism and process to safely store duplicate databases and recreate the data should a disaster occur.

Decision Support

Computerized functions that assist users in making decisions in their job functions. In the practice of medicine, these functions include providing electronic access to medical literature, alerting the user to potential adverse drug interactions, and suggesting alternative treatment plans for a certain diagnosis.

Decryption

The technique of using mathematical procedures to “unscramble” data so that an unintelligible (encrypted) message becomes intelligible.

DICOM – Digital Imaging and Communications in Medicine

DICOM is a common format for image storage. It allows for handling, storing, printing, and transmitting information in medical imaging. Visit DICOM website.

A standard, which defines protocols for the exchange of medical images and associated information (such as patient identification details and technique information) between instruments, information systems, and health care providers. It establishes a common language that enables medical images produced on one system to be processed and displayed on another.

Digital certificate

A digital certificate is an electronic “credit card” that establishes an individual’s credentials when doing business or other transactions on the Web. It is issued by a certificate authority (CA). It contains the certificate holder’s name, a serial number, expiration dates, a copy of the certificate holder’s public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users’ public keys.xii See also: certificate authority, registration authority, public key infrastructure.

Digital Signature

A string of binary digits, which is computed using an encryption algorithm enabling signatory authentication, confirmation of data integrity, and non-repudiation of messages.

Direct Address

Used to identify an endpoint (a Sender or Receiver) when information is exchanged. The Direct Address has two parts, a Health End Point Name and a Health Domain Name, for example, drbob@samplehispname.org.

Direct Message

The content of the information being transferred from the Sender to the Receiver. The Direct Message is similar to a package that is sent from one person to another via the postal service, such as the content within an envelope or a box.

Direct Project

The Direct Project specifies a simple, secure, scalable, standards-based way for participants to send authenticated, encrypted health information directly to known, trusted recipients over the Internet.

Direct Treatment Relationship

A treatment relationship between an individual and a health care provider that is not an indirect treatment relationship.

Disclosure

The release, transfer, provision of access to, or divulging in any other manner of information outside the entity holding the information.

Doctor Matching

The process of cross-linking the multiple provider identifiers in a community from a variety of provider identifier sources and creating a master doctor identifier with a key for cross-referencing the various community identifiers.

Document Review, Edit, Sign

A software process that allows for the secure review, editing, and signature through electronic, distributed technology of electronic health record components, such as operative reports, discharge summaries, and consultations.

DURSA

Data Use and Reciprocal Support Agreement, a comprehensive agreement that governs the exchange of health data between participants in the Nationwide Health Information Network Exchange. The DURSA is the legal multi-party trust agreement that is entered into voluntarily by all entities, organizations and Federal agencies that desire to engage in electronic health information exchange with other members of the Nationwide Health Information Network Exchange.

back to the top

E

Electronic Billing Support

The ability to contact the payer before the patient is seen and get a response that indicates whether or not the services to be rendered will be covered by the payer.

EDI – Electronic Data Interchange

EDI is a standard format for exchanging business data. The standard is ANSI X12, developed by the Data Interchange Standards Association. An EDI message contains a string of data elements; each represents a singular fact, such as a price, product model number, and is separated by delimiter. The entire string is called a data segment. One or more data segments framed by a header and trailer form a transaction set, which is the EDI unit of transmission (equivalent to a message). A transaction set often consists of what would usually be contained in a typical business document or form. The
parties who exchange EDI transmissions are referred to as trading partners.

EHR – Electronic Health Record

EHR, as defined in Defining Key Health Information Technology Terms (The National Alliance for Health Information Technology, April 28, 2008): An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be created, managed, and consulted by authorized clinicians and staff across more than one health care organization.

An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be created, managed, and consulted by authorized clinicians and staff across more than one health care organization.

Electronic Imaging Results Delivery

The ability to accept messages from radiology sources and integrate the data for presentation to a clinician.

Electronic order entry

Computerized physician order entry (CPOE) (also sometimes referred to as computerized provider order entry or electronic order entry) is a process of electronic entry of medical practitioner instructions for the treatment of patients under his or her care. These orders are communicated over a computer network to the medical staff or to the departments (pharmacy, laboratory, or radiology) responsible for fulfilling the order. CPOE decreases delay in order completion, reduces errors related to handwriting or transcription, allows order entry at the point of care or off site, provides error checking for duplicate or incorrect doses or tests, and simplifies inventory and posting of charges.

Electronic Prescribing (Pharmacy Communication)

Provides features to enable secure bidirectional communication of information electronically between practitioners and pharmacies or between practitioner and intended recipient of pharmacy orders.

Electronic Quality Data Submission (Performance and Accountability Measures)

Support of the capture and reporting of quality, performance, and accountability measures to which providers/facilities/delivery.

Electronic Referral Management

The ability to generate and/or receive summaries of relevant clinical information on a patient that are typically transferred between healthcare providers when a patient is referred to a specialist or admitted or discharged from a hospital.

Electronic Referrals and Authorizations

eHI- eHealth Initiative

(See ehealthinitiative.org)

eLaboratory

The electronic delivery of laboratory results to practices so that such data may be integrated into electronic patient records in a full EHR system, or used by a dedicated application to view structured, context-rich, and/or longitudinal laboratory results on a patient. eLaboratory includes closing the orders loop, documenting the review of results by clinicians, and documenting that the results have been communicated to the patient. The full benefits of eLaboratory are not achieved until the results are used as input into clinical decision support systems (CDSS).

Electronic Billing (Claims, Eligibility, Remittance)

The ability to contact the payer before the patient is seen and get a response that indicates whether or not the services to be rendered will be covered by the payer.

EMR – Electronic Medical Record

EMR, as defined in Defining Key Health Information Technology Terms (The National Alliance for Health Information Technology, April 28, 2008): An electronic record of health-related information on an individual that can be created, gathered, managed, and consulted by authorized clinicians and staff within one health care organization.

An electronic record of health-related information on an individual that can be created, gathered, managed, and consulted by authorized clinicians and staff within one health care organization.

ELINCS – EHR-Lab Interoperability and Connectivity Standards

The ELINCS specification provides a profile that refines (or constrains) “standard” HL7 messages to moving lab results from reference labs to physician offices.

See Accelerating EMR Interoperability with ELINCS white paper.

Encryption

The process of enciphering or encoding a message so as to render it unintelligible without a key to decrypt (unscramble) the message.

ePHR – electronic Personal Health Record

A universally accessible, layperson comprehensible, lifelong tool for managing relevant health information, promoting health maintenance and assisting with chronic disease management via an interactive, common data set of electronic health information and e-health tools. The ePHR is owned, managed, and shared by the individual or his or her legal proxy(s) and must be secure to protect the privacy and confidentiality of the health information it contains. It is not a legal record unless so defined and is subject to various legal limitations.

E-Prescribing

Provides features to enable secure bidirectional communication of information electronically between practitioners and pharmacies or between practitioner and intended recipient of pharmacy orders.

EP – Eligible Professionals

The HITECH Act recognizes three types of payers eligible for incentive payments under Meaningful Use. Those types are 1) Medicare Fee For Service (FFS), 2) Medicare Advantage (MA) and 3) Medicaid. The subsequent definition of an eligible professional differs according to Medicare and Medicaid.

Eligible hospitals can be acute care (excluding long term care facilities), critical access hospitals and children’s hospitals.

Eligible providers include non-hospital-based physicians who receive reimbursement through Medicare FFS program or a contractual relationship with a qualifying MA organization. Eligible providers are widely considered to be physicians whose practices are less than 90% inpatient and ER.

Visit Everything HITECH for detailed information on eligible professionals.

The Center for Medicare and Medicaid Services (CMS) has outlined the Meaningful Use Core Measures for Eligible Professionals as a part of the EHR Incentive Program.

back to the top

F

FQHC

Federally Qualified Health Center

Federal Health Architecture

The Federal Health Architecture (FHA) is an E-Government Line of Business initiative managed by the Office of the ational Coordinator for Health IT (ONC). FHA was formed to coordinate health IT activities among the more than 20 federal agencies that provide health and healthcare services to citizens. FHA and its federal partners are helping build a federal health information technology environment that is interoperable with private sector systems and supports the President’s plan to enable better point-of-service care, increased efficiency and improved overall health in the U.S. population. FHA is responsible for supporting federal efforts to deploy health IT standards and ensuring that federal agencies can seamlessly exchange health data among themselves, with state, local and tribal governments, and with the private sector.

Fee-for-service payments

Fee-for-service is a payment model where services are unbundled and paid for separately. In the health insurance and the healthcare industries, fee-forservice occurs when doctors and other healthcare providers receive a fee for each service, such as an office visit, test, procedure, or other healthcare service. Payments are issued retrospectively, after the services are provided. Fee-for-service is the dominant physician payment method in the United States.xvii This is the opposite structure to accountable care payment models.

Formulary

A formulary is a list of prescription drugs covered by a particular drug benefit plan.

H

HCFA

Health Care Financing Administration within the Department of Health and Human Services. Note: HCFA has been renamed and is now called the Centers for Medicare and Medicaid Services (CMS).

HHS

The Federal Department of Health and Human Services.

Health Insurance Issuer

An insurance company, insurance service, or insurance organization (including an HMO) that is licensed to engage in the business of insurance in a State and is subject to State law that regulates insurance. Such term does not include a group health plan.

Healthcare Interoperability

Assures the clear and reliable communication of meaning by providing the correct context and exact meaning of the shared information as approved by designated communities of practice. This adds value by allowing the information to be accurately linked to related information, further developed and applied by computer systems and by care providers for the real-time delivery of optimal patient care.

Health Domain Name

The delivery location for messages to an individual Direct HISP, the HISP portion of a Direct Project Address

Health End Point

The delivery location for messages to an individual Direct user, the user portion of a Direct Project Address

Health IT Policy Committee

Under the American Recovery and Reinvestment Act of 2009 (ARRA), The Health IT Policy Committee will make recommendations to the National Coordinator for Health Information Technology – ONC – on a policy framework for the development and adoption of a nationwide health information infrastructure, including standards for the exchange of patient medical information.

Health IT Standards Committee

The Health IT Standards Committee will make recommendations to the National Coordinator for Health Information Technology (HIT) on standards, implementation specifications, and certification criteria for the electronic exchange and use of health information. In developing, harmonizing, or recognizing standards and implementation specifications, the HIT Standards Committee will also provide for the testing of the same by the National Institute for Standards and Technology (NIST).

Health Information Exchange – HIE

VERB – The electronic movement of health-related information among organizations according to nationally recognized standards.

NOUN – An organization that oversees and governs the exchange of health-related information among organizations according to nationally recognized standards. See also: health information organization (HIO) and regional health information organization (RHIO).

HIE focuses on the mobilization of healthcare information electronically across organizations within a region or community. HIE provides the capability to electronically move clinical information between disparate health care information systems while maintaining the meaning of the information being exchanged. The goal of HIE is to facilitate access to and retrieval of clinical data to provide safe, and efficient patient-centered care.

The mobilization of healthcare information electronically across organizations within a region or community. HIE provides the capability to electronically move clinical information between disparate healthcare information systems while maintaining the meaning of the information being exchanged. The goal of HIE is to facilitate access to and retrieval of clinical data to provide safer, more timely, efficient, effective, equitable, patient-centered care. Formal organizations are now emerging to provide both form and function for health information exchange efforts. These organizations (often called Regional Health Information Organizations, or RHIOs) are ordinarily geographically-defined entities which develop and manage a set of contractual conventions and terms, arrange for
the means of electronic exchange of information, and develop and maintain HIE standards. Although HIE initiatives differ in many ways, survey results and eHI experiences with states, regions and communities indicate that those who are experiencing the most success share the following characteristics. They are:

Governed by a diverse and broad set of community stakeholders;
Develop and assure adherence to a common set of principles and standards for the technical and policy aspects of information sharing, addressing the needs of every stakeholder;
Develop and implement a technical infrastructure based on national standards to facilitate interoperability;
Develop and maintain a model for sustainability that aligns the costs with the benefits related to HIE; and
Use metrics to measure performance from the perspective of: patient care, public health, provider value, and economic value.

Health information organization (HIO)

An organization that oversees and governs the exchange of health-related information among organizations according to nationally recognized standards. See also: health information exchange (HIE) and regional health information organization (RHIO).

Health Information Service Provider (HISP)

A Health Information Service Provider, or HISP, is a logical concept that encompasses certain services that are required for Direct Project exchange, such as the management of trust between senders and receivers. It may be a separate business or technical entity from the sender or receiver, depending on the deployment option chosen by the implementation.

Health Information Technology for Economic and Clinical Health (HITECH) Act

The Health Information Technology for Economic and Clinical Health (HITECH) Act seeks to improve American health care delivery and patient care through an unprecedented investment in health information technology. The provisions of the HITECH Act are specifically designed to work together to provide the necessary assistance and technical support to providers, enable coordination and alignment within and among states, establish connectivity to the public health community in case of emergencies, and assure the workforce is properly trained and equipped to be meaningful users of EHRs. Combined, these programs build the foundation for every American to benefit from an electronic health record, as part of a modernized, interconnected, and vastly improved system of care delivery.

Health IT Policy Committee

The Health IT Policy Committee is an advisory committee, as defined in the Federal Advisory Committee Act, created for the purpose of making recommendations to the National Coordinator for Health IT on a policy framework for the development and adoption of a nationwide health information infrastructure, including standards for the exchange of patient medical information.

Health IT Standards Committee

The Health IT Standards Committee, a federal advisory committee like the Health IT Policy Committee, is charged with making recommendations to the National Coordinator for Health IT on standards, implementation specifications, and certification criteria for the electronic exchange and use of health information.

Healthcare quality

The Institute of Medicine defines healthcare quality as the extent to which health services provided to individuals and patient populations improve desired health outcomes. The care should be based on the strongest clinical evidence and provided in a technically and culturally competent manner with good communication and shared decision making.

HIECC

Health Information Exchange Coordinating Committee (created by AHCA)

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. This is intended to help people keep their information private, though in practice, it is normal for providers and health insurance plans to require the waiver of HIPAA rights as a condition of service.

The Administration Simplification provisions also address the security and privacy of health data. The standards are meant to improve the efficiency and effectiveness of the nation’s health care system by encouraging the widespread use of electronic data interchange in the U.S. health care system.

HIPAA – Business Associate

A person or entity that performs certain functions or activities that involve the use or disclosure of Protected Health Information (PHI) on the behalf of, or provides services to, a covered entity. A member of the covered entity’s workforce is not a business associate. A covered health care provider, health plan, or health care clearinghouse can be a business associate of another covered entity.

The Privacy Rule lists some of the functions, activities, and services that make a person or entity a business associate, if the activity or service involves the use or disclosure of protected health information (PHI) covered under HIPAA. The types of functions or activities that may make a person or entity a business associate include payment or health care operations activities, and other activities regulated by the Administrative Simplification Rules.

Examples of Business Associates:

A third party administrator that assists a health plan with claims processing.
A CPA firm whose accounting services to a health care provider involve access to protected health information.
An attorney whose legal services to a health plan involve access to protected health information.
A consultant that performs utilization reviews for a hospital.
A health care clearinghouse that translates a claim from a non-standard format into a standard transaction on behalf of a health care provider and forwards the processed transaction to a payer.
An independent medical transcriptionist that provides transcription services to a physician.
A pharmacy benefits manager that manages a health plan’s pharmacist network.

HIPAA – Protected Health Information (PHI)

Protected health information (PHI) under HIPAA, is any information about an individual’s health status that identifies or relates to an individual’s past, present or future physical or mental health, the provision of health care to the individual, or the past, present or future payment for health care. Information is deemed to identify an individual if it includes either the individual’s name or any other information that could enable someone to determine the individual’s identity.

Identifiers include:

Name
Address (all geographic subdivisions smaller than state, including street address, city, county, ZIP code)
All elements (except years) of dates related to an individual (including birth date, admission date, discharge date, date of death and exact age if over 89)
Telephone numbers
FAX number
E-mail address
Social Security number
Medical record number
Health plan beneficiary number
Account number
Certificate/license number
Any vehicle or other device serial number
Device identifiers or serial numbers
Web URL
Internet Protocol (IP) address numbers
Finger or voice prints
Photographic images

HISP

Health Information Service Provider, the entity that is responsible for delivering health information as messages between senders and receivers over the Internet.

HITECH

As a part of the America Recovery and Reinvestment Act (ARRA) of 2009, Health Information Technology for Economic and Clinical Health (HITECH) refers to the portion of the ARRA that is used to increase the use of Electronic Health Records (EHR) by physicians and hospitals. This legislation provides immediate funding for health information technology infrastructure, training, dissemination of best practices, telemedicine, inclusion of health information technology in clinical education, and State grants to promote health information technology.

HITSP – Healthcare Information Technology Standards Panel

HITSP serves as a cooperative partnership between the public and private sectors for the purpose of achieving a widely accepted and useful set of standards specifically to enable and support wdespread interoperability among healthcare software applications, as they will interact in a local, regional and national health information network for the United States. Visit HITSP website.

HL7 – Health Level Seven

HL7 is a Standards Developing Organization accredited by the American National Standards Institute (ANSI) to author consensus-based standards representing a board view from healthcare system stakeholders. HL7 has compiled a collection of message formats and related clinical standards that define an ideal presentation of clinical information, and together the standards provide a framework in which data may be exchanged. Visit the HL7 organization website or HL7Standards.com for more HL7 information.

An ANSI approved American National Standard for electronic data exchange in health care. It enables disparate computer applications to exchange key sets of clinical and administrative information.

HL7 Batch Protocol

The HL7 Batch Protocol transmits a batch of HL7 messages using FHS, BHS, BTS, and FTS segments to delineate the batch.

Health Oversight Agency

An agency or authority of the United States, a State, a territory, a political subdivision of a State or territory, or an Indian tribe, or a person or entity acting under a grant of authority from or contract with such public agency, including the employees or agents of such public agency or its contractors or persons or entities to whom it has granted authority, that is authorized by law to oversee the health care system (whether public or private) or government programs in which health information is necessary to determine eligibility or compliance, or to enforce civil rights laws for which health information is relevant.

HIS – Hospital Information System

HIS is the main system in a hospital used by most caregivers. Sends ADT broadcasts to all ancillary applications. The HIS is typically the patient administrative system and order entry system for a hospital.

back to the top

I

ICD-9

ICD-9 is a classification used in the medical field that stands for International Classification of Diseases, 9th revision. This classification is predominately the standard classification of diseases, injuries, and cause of death for the purpose of health records. The World Health Organization (WHO) assigns, publishes, and uses the ICD to classify diseases and to track mortality rates based on death certificates and other vital health records. Medical conditions and diseases are translated into a single format with the use of ICD codes.

ICSA Labs

ICSA Labs serves one of the ONC-ATCB for electronic health record (EHR) certification. ICSA Labs was certified by the ONC on December 10, 2010 and is authorized to certify complete EHR and EHR modules. Visit the ICSA Labs website.

ID

ID is a coded value data type. The value of such a field follows the formatting rules for a ST field except that it is drawn from a table of legal values. Examples of ID fields include religion and sex.

IEEE – Institute of Electrical and Electronics Engineers

IEEE is accredited by ANSI to submit its documents for approval as American National Standards. IEEE subcommittee P1073 develops standards for healthcare informatics: MEDIX (P1157) and MIB (P1073).

IHE

Integrating the Healthcare Enterprise, a group of healthcare industry stakeholders that promotes and defines coordination of established standards to provide meaningful and effective information exchange.

Implementation guides

Publications listing electronic data interchange messages that are in use in a particular industry or application. It indicates how the information in those messages should be presented on a segment-by-segment, and data-element-by-data-element basis, including which segments and data elements are needed, which are not and what code values will be expected in the application of that particular message.

Indirect Treatment Relationship

A relationship between an individual and a health care provider in which the health care provider delivers health care to the individual based on the orders of another health care provider; and the health care provider typically provides services or products, or reports the diagnosis or results associated with the health care, directly to another health care provider, who provides the services or products or reports to the individual.

Informatics

The application of computer science and information science to the management and processing of data, information, and knowledge.

Interface

Shared boundary between two functional units defined by various characteristics pertaining to the functions, physical interconnections, signal changes, and other characteristics as appropriate.

Interface Engine

An interface engine can transform or map the data to the receiving application’s requirements while the message is in transit so that it can be accepted by the receiving application. The application interface is built with one-to-many concepts in mind. These import/export modules then are connected to an interface engine so that the mapping, routing, and monitoring are managed by this system.

IHE – Integrating the Healthcare Enterprise

IHE is an initiative by healthcare professionals and industry to improve the way computer systems in healthcare share information. Visit the IHE website.

The International Organization for Standardization (ISO)

It is a worldwide federation of national standards bodies from some 130 countries, one from each country. ISO’s work results in international agreements, which are published as International Standards.

Interoperability

The ability of two or more systems or components to exchange information and to use the information that has been exchanged accurately, securely, and verifiably, when and where needed.

back to the top

K

Key Certificate

A data record that authenticates the owner of a public key for an asymmetric algorithm. It is issued by a certification authority and is protected by a digital signature allowing the certificate to be verified widely. The certificate may also contain other fields beside the value to the key and the name of the owner, for example an expiration date.

Keys

A sequence of symbols that controls the operations of encryption and decryption.

LOINC (Logical Observation Identifiers, Names, and Codes)

The LOINC databases provide sets of universal names and ID codes for identifying laboratory and clinical test results. The purpose is to facilitate the exchange and pooling of results, such as blood hemoglobin, serum potassium, or vital signs, for clinical care, outcomes management, and research.

L

LIS – Laboratory Information System

LIS is an information system that receives, processes, and stores information generated by a medical laboratory processes. LIS is often interfaced with HIS and EMR applications.

LOINC – Logical Observation Identifiers Names and Codes

LOINC applies universal code names and identifiers to medical terminology related to the EHR and assists in the electronic exchange and gathering of clinical results (such as laboratory tests, clinical observations, outcomes management and research). See What are LOINC Codes?

back to the top

M

Master patient index

Healthcare organizations or groups of them will implement a master patient index (MPI) to identify, match, merge, de-duplicate, and cleanse patient records to create a master index that may be used to obtain a complete and single view of a patient. The MPI will create a unique identifier for each patient and maintain a mapping to the identifiers used in each records’ respective system.

Meaningful Use

A term associated with The American Recovery and Reinvestment Act of 2009 (ARRA) that authorizes the Centers for Medicare & Medicaid Services (CMS) to provide reimbursement incentives for medical professionals and hospitals that become compliant in the use of certified electronic health record (EHR) technology. Professionals and hospitals that meet the criteria of “meaningful use” will begin receiving incentive payments in 2011 with a gradual decline in reimbursement amounts until the year 2015. By this date, providers are expected to have adopted and be actively utilizing a certified EHR in compliance with the “meaningful use” definition or be subject to financial penalties under Medicare. To read more articles on this topic, visit our Meaningful Use & HITECH section.

The American Recovery and Reinvestment Act of 2009 specifies three main components of Meaningful Use:

1) The use of a certified EHR in a meaningful manner, such as e-prescribing;
2) The use of certified EHR technology for electronic exchange of health information to improve quality of healthcare;
3) The use of certified EHR technology to submit clinical quality and other measures.

Simply put, “meaningful use” means providers need to show that they are using certified EHR technology in ways that can be measured significantly in quality and in quantity. The criteria for meaningful use will be staged in three steps over the course of the next five years: Stage 1 (2011 and 2012) sets the baseline for electronic data capture and information sharing; Stage 2 (expected to be implemented in 2014) and Stage 3 will continue to expand on this baseline and be developed through future rulemaking.

Medication Matching

The process of cross-linking the multiple possible medication identifiers naming conventions in a community from a variety of systems housing medication information and creating a master medication identifier with a key for cross-referencing the various community identifiers. For example there are hundreds of NDC codes for identical drugs as well as HCPCS codes that identify the same drug as NDC codes.

Medication Reconciliation

Alerts providers in real-time to potential administration errors such as wrong patient, wrong drug, wrong dose, wrong route and wrong time in support of medication administration or pharmacy dispense/supply management and workflow.

Message Integrity

Protecting a message against its unauthorized modification, often by the originator of the message generating a digital signature.

Messaging to Pharmacies

The process of communicating electronically with pharmacies. This typically includes the cost of communication lines and processes between the HIE and pharmacies. This is necessary to support the e-prescribing function when that function includes the process of electronically sending a digital prescription to the pharmacy.

Messaging to Providers

The process of communicating electronically with providers. This typically includes the cost of communication lines and processes between the HIE and provider terminals.

MIME

Multipurpose Internet Mail Extensions, an Internet standard that extends e-mail to support content beyond simple ASCII plain text data

back to the top

N

NAHIT

National Alliance for Health Information Technology

National eHealth Collaborative

National eHealth Collaborative (NeHC) is a public-private partnership focused on accelerating progress toward widespread, secure and interoperable nationwide health information exchange to improve health and healthcare. NeHC’s neutrality and diverse multi-stakeholder participation provides a unique platform for collaboration. NeHC educates, connects, and encourages healthcare stakeholders to advance health information technology and health information exchange nationwide through its NeHC University web-based education program, its Consumer Consortium on eHealth, its support of the Nationwide Health Information Network Exchange, its collaborative online community and its ongoing study of leading health information exchanges. National eHealth Collaborative is a cooperative agreement partner of the Office of the National Coordinator for Health IT within the U.S. Department of Health and Human Services.

NHIN – Nationwide Health Information Network

NHIN is one of the ONC’s major initatives. As defined by the ONC, NHIN is: “a set of standards, services and policies that enable secure health information exchange over the Internet. The NHIN will provide a foundation for the exchange of health IT across diverse entities, within communities and across the country, helping to achieve the goals of the HITECH Act.” The nationwide health information network is the portfolio of nationally recognized services, standards and policies that enable secure health information exchange over the Internet. Often also used as an umbrella term to describe the result of standards harmonization and pilot testing activities led by the ONC Office of Standards and Interoperability.

Nationwide Health Information Network CONNECT

Open source software that embodies the standards and services to support Nationwide Health Information Network specifications

Nationwide Health Information Network Exchange

A diverse set of federal agencies and nonfederal organizations that have come together to securely exchange electronic health information using the Nationwide Health Information Network specifications. The Nationwide Health Information Network Exchange (“Exchange”) is a group of federal agencies and non-federal organizations that came together under a common mission and purpose to improve patient care, streamline disability benefit claims, and improve public health reporting through secure, trusted, and interoperable health information exchange.

NCPDP – National Council for Prescription Drug Programs

The NCPDP creates and promotes the transfer of data related to medications, supplies, and services within the healthcare system through the development of standards and industry guidance. Visit the NCPDP website.

NIST – National Institute of Standards and Technology

Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST’s mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. NIST have made solid contributions to image processing. Visit the NIST website.

back to the top

O

ONC – Office of the National Coordinator for Health Information Technology

Located within the Office of the Secretary for the U.S. Department of Health and Human Services (HHS), the Office of the National Coordinator (ONC) coordinates nationwide efforts to support the adoption of health information technology and the promotion of health information exchange to improve health care. The ONC position was established in 2004 with an Executive Order and legislatively mandated in the Health Information Technology for Economic and Clinical Health Act (HITECH Act) of 2009.

ONC-ATCB – ONC-Authorized Testing and Certification Bodies

Following the Meaningful Use stage one final rule in July of 2010, the Office of the National Coordinator selected six organizations to assume responsibility for the certification of complete EHR and EHR modules. These ONC-ATCB are required to certify based upon the certification requirements outlined in the Standards and Certification Criteria Final Rule. According to the ONC, “Certification by an ATCB will signify to eligible professionals, hospitals, and critical access hospitals that an EHR technology has the capabilities necessary to support their efforts to meet the goals and objectives of Meaningful Use.”

OSI (Open Systems Interconnection)

An international standard for networking adopted by the ISO (International Organization for Standardization). This 7-layer model offers the widest range of capabilities for networking.

Outbreak Surveillance

Support clinical health state monitoring of aggregate patient data for use in identifying health risks from the environment and/or population.

back to the top

P

PACS – Picture Archiving Communication System

PACS are devoted to the storage, retrieval, distribution, and presentation of images. The medical images are stored in an independent format, most commonly DICOM.

PDQ – Patient Demographics Query

What it’s used for: Requesting patient ID’s from a central patient information server based on patient demographic information. Used when a system has only demographic data for patient identification.

Example: Hospital A admits Patient Y, who has not been at the hospital before. Hospital A submits a request to the local HIE, based on demographic information such as name, birthdate, sex, etc., to obtain the appropriate HIE patient ID for Patient Y.

Patient Protection and Affordable Care Act

The federal Patient Protection and Affordable Care Act (P.L. 111-148), signed March 23, 2010, as amended by the Health Care and Education Reconciliation Act, signed March 31, 2010, is also referred to as the Affordable Care Act (ACA), or simply as “federal health reform.” The 900+ page act contains many provisions, with various effective dates. Provisions included in the ACA are intended to expand access to insurance, increase consumer protections, emphasize prevention and wellness, improve quality and system performance, expand the health workforce, and curb rising health care costs.

Patient Matching

The process of cross-linking the multiple patient identifiers in a community from a variety of patient identifier sources and creating a master patient identifier with a key for cross-referencing the various community identifiers. This is also referred to as a record locator service.

PHR – Personal Health Record

PHR, as defined in Defining Key Health Information Technology Terms (The National Alliance for Health Information Technology, April 28, 2008): An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be drawn from multiple sources while being managed, shared, and controlled by the individual.

An electronic record of health-related information on an individual that conforms to nationally recognized interoperability standards and that can be drawn from multiple sources while being managed, shared, and controlled by the individual.

Physical Safeguards

Physical measures, policies, and procedures to protect a covered entity’s electronic information systems and related buildings and equipment, from natural and environmental hazards, and unauthorized intrusion.

PIX – Patient Identifier Cross Referencing

What it’s used for: Cross-referencing multiple local patient ID’s between hospitals, sites, health information exchange networks, etc. Used when local patient ID’s have been registered with a PIX manager.

Example: Hospital A transmits Patient D’s ID information to the HIE for cross referencing. Hospital A receives Patient D’s local ID for Hospital B which they can use to request information from Hospital B, based on need.

PMS – Practice Management System

PMS applications facilitate the day-to-day operations of a medical practice. PMS software enables users to capture patient demographics, schedule appointments, maintain lists of insurance payers, perform billing tasks, and generate reports. It handles the administrative and financial matters for a practice.

Point-To-Point Interfaces

A point-to-point interface is one in which the receiving vendor provides a specification on what data it can receive and in what format it needs to be in. The sending application then builds an interface to that specification for that application. It is a one-to-one relationship. For each application requiring an interface, there is a new request and point-to- point interface developed. Read What is Your Healthcare Interface Method white paper.

Privacy

Right of an individual to control the circulation of information about him-/herself within social relationships; freedom from unreasonable interference in an individual’s private life; an individual’s right to protection of data regarding him/her against misuse or unjustified publication.

Private HIE

The term “private” HIE generally refers to HIEs which operate under the governance of an integrated delivery network (IDN) or a single healthcare system. The term “enterprise HIE” is often substituted in this context.

Public HIE

The term “public” HIE is generally used to describe HIEs which are community-based and are open to, and governed by, participants from multiple organizations. Public HIEs often rely on grants to help them get established and then require a solid revenue stream to become sustainable. Note, however, that public HIEs are not in fact always totally funded with public or government funds

Private Key

In asymmetric cryptography, the key, which is held only by the user for signing and decrypting, messages.

Protected Health Information

Individually identifiable health information.

Public Key

In asymmetric cryptography, the key that is published by the user to encrypt messages and so that others may verify his/her signature.

Public Key Certificate

A data record that authenticates the owner of a public key for an asymmetrical key system. It is issued by a CA and is protected by a digital signature, allowing the certificate to be verified widely.

PKI – (Public Key Infrastructure)

A conceptual framework that enables the encryption, decryption and electronic “signing” of data transmissions in a secure fashion within an open network environment. A PKI (public key infrastructure) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.xxxix See also: certificate authority, digital certificate, registration authority.

Publish/subscribe

Often abbreviated to pub/sub, publish/ subscribe is a messaging pattern where senders of messages, called publishers, do not program the messages to be sent directly to specific receivers, called subscribers. Published messages are characterized into classes, without knowledge of what, if any, subscribers there may be. Subscribers express interest in one or more classes, and only receive messages that are of interest, without knowledge of what, if any, publishers there are.xl Pub/sub is often used to submit public health information.

Push and send

Push and send refers to one-directional electronic messaging such as those for which The Direct Project has developed standards and specifications for secure transport. In push messaging, as in email, the receiver of the message must be a known entity.

back to the top

R

RadLex

RadLex is a controlled terminology for radiology. The purpose of RadLex is to provide a uniform structure for capturing, indexing, and retrieving a variety of radiology information sources. This may facilitate a first step toward structured reporting of radiology reports. The RadLex project – to develop a comprehensive radiology lexicon – is sponsored by the Radiological Society of North America (RSNA), along with the collaboration of the American College of Radiology (ACR) and other subspecialty societies. Read more about RadLex.

Receiver

Actor in the Direct workflow who receives the message content. A Receiver may be a person or a larger business entity.

Record locator service

In an HIE, a record locator service is the part of the system that determines what records exist for a member and where the source data is located. The record locator service includes these distinct functions: manage participating provider identities; maintain and publish a patient index; match patients using an algorithm; look up patient record locations (but not the records themselves); communicate securely and maintain an audit log; and manage patient consent to record sharing (under state laws and ARRA).

Reference Implementation

Open-source software that implements the Direct Project specifications. There may be multiple reference implementations using different technologies (e.g., .NET, Java), and a reference implementation is not normative as the specifications are. A reference implementation is the standard from which all other implementations, with their attendant customizations, are measured, and to which all improvements are added. Characteristics of a reference implementation include:
1) developed concurrently with specification and test suite;
2) verifies that specification is implementable;
3) enables the test suite to be tested;
4) serves as Gold Standard against which other implementations can be measured;
5) helps to clarify intent of specification where conformance tests are inadequate.

Registration Authority

An entity (group or agency) that has been delegated by a CA to perform a specific set of ‘trusted authority’ functions within PKI. Relates to the privacy of individually identifiable health information means, with respect to a State law, that the State law has the specific purpose of protecting the privacy of health information or affects the privacy of health information in a direct, clear, and substantial way. A registration authority (RA) is an authority in a network that verifies user requests for a digital certificate and tells the certificate authority (CA) to issue it. RAs are part of a public key infrastructure (PKI), a networked system that enables companies and users to exchange information and money safely and securely. The digital certificate contains a public key that is used to encrypt and decrypt messages and digital signatures.xlv See also: certificate authority, digital certificate, public key infrastructure.

RHIO – Regional Health Information Organization

The terms “RHIO” and “Health Information Exchange” or “HIE” are often used interchangeably. RHIO (regional health information organization) is a group of organizations with a business stake in improving the quality, safety and efficiency of healthcare delivery. RHIOs are the building blocks of the proposed National Health Information Network (NHIN) initiative proposed by David Brailer, MD, and his team at the Office of the National Coordinator for Health Information Technology (ONCHIT). To build a national network of interoperable health records, the effort must first develop at the local and state levels. The concept of NHIN requires extensive collaboration by a diverse set of stake holders. The challenges are many to achieve success for a health information exchange or a RHIO.

An organization that oversees and governs the exchange of health-related information among organizations according to nationally recognized standards. A health information organization that brings together health care stakeholders within a defined geographic area and governs health information exchange among them for the purpose of improving health and care in that community. See also: health information organization (HIO) and health information exchange (HIE).

RIS – Radiology Information System

RIS is the main application in an imaging center or radiology department. RIS is used by to store, manipulate and distribute patient radiological data and imagery. RIS are used for patient scheduling, tracking, and image tracking. Read Rethinking Radiology Workflow white paper.

Rulemaking

Rulemaking refers to the process that executive and independent agencies use to create, or promulgate, regulations. In general, legislatures first set broad policy mandates by passing statutes, then agencies create more detailed regulations through rulemaking. Legislatures typically rely on rulemaking to add more detailed scientific, economic, or industry expertise to a policy—fleshing out the broader mandates of authorizing legislation.xlvi For example, the HITECH Act called for healthcare providers to meaningfully use a certified EHR in order to be eligible for financial incentives. It was then the job of the U.S. Department of Health and Human Services to define “meaningful use” and “certified EHR” through the rulemaking process. Rulemaking generally has multiple phases built into the process in order to accommodate several rounds of public comment.

Rules Engine

A set of rules defined within a software process that converts clinical and administrative data streams into a meaningful representation of clinical quality markers to be used in functions such as pay for performance/quality data reporting.

back to the top

S

Sender

Actor in the Direct workflow who originates the message content. A Sender may be a person or a larger business entity.

S/MIME

Secure/Multipurpose Internet Mail Extensions, a Internet standard for securing MIME data. S/MIME provides privacy and data security through encryption; and authentication, integrity
assurance, and non-repudiation of origin through signing.

SLI Global Solutions

SLI Global Solutions serves one of the ONC-ATCB for electronic health record (EHR) certification. SLI Global Solutions was certified by the ONC on December 10, 2010 and is authorized to certify complete EHR and EHR modules. Visit the SLI Global Solutions website.

SMTP

Simple Mail Transport Protocol, an industry standard for transporting e-mail

SNOMED International

A nomenclature for use by all health services professionals developed in the US and updated at least semi-annually.

SSO

Single Sign-On

Standards & Interoperability Framework

The Standards and Interoperability (S&I) Framework is a set of integrated functions, processes, and tools being guided by the healthcare and technology industry to achieve harmonized interoperability for healthcare information exchange.

State Designated Entities (SDEs)

Organizations appointed by each state that received ARRA/HITECH funding through the HIE Cooperative Agreement Program to establish or expand statewide exchange.

State HIE

The state HIE provides alignment of architecture, technology and policy throughout an individual state. Currently there are fifty-six states and territories planning and coordinating state level exchanges through a State Designated Entity. The state HIE typically manages funding provided by the Office of the National Coordinator (ONC) and assists specific HIEs within the state.

Surescripts LLC

Surescripts LLC serves one of the ONC-ATCB for electronic health record (EHR) certification. Surescripts LLC was certified by the ONC on December 23, 2010 and is authorized to certify EHR modules for e-prescribing, privacy and security. Visit the Surescripts LLC website.

back to the top

T

TCP/IP – Transmission Control Protocol/Internet Protocol

TCP/IP is a low-level communications protocol used to connect hosts on the Internet or a network. TCP/IP connections are established between clients and servers via sockets. TCP/IP is stream-oriented meaning it deposits bits in one end and they show up at the other end.

Technical Safeguards

The technology and the policy and procedures for its use that protect electronic protected health information and control access to it.

Trading Partner Agreement

An agreement related to the exchange of information in electronic transactions, whether the agreement is distinct or part of a larger agreement, between each party to the agreement. (For example, a trading partner agreement may specify, among other things, the duties and responsibilities of each party to the agreement in conducting a standard transaction.)

back to the top

U

UMLS (Unified Medical Language System)

A long-term research project developed by the US National Library of Medicine to assist health professionals and researchers to retrieve and integrate clinical vocabularies from a wide variety of information sources. The goal is to link information from scientific literature, patient records, factual databases, knowledge-based expert systems, and directories of institutions and individuals in health and health services

V

VEA – Vendor Enterprise Archive

PACS vendors archive solution that stores multi-department images. As in the past, software upgrades and new PACS or storage system changes with a VEA can result in data migration of entire image repository. See the definition courtesy of ACUO Technologies.

VNA – Vendor Neutral Archive

A software solution that acts as a middleware application between one or many clinical workflow applications, formerly known as PACS, and various storage platforms and IT strategies. VNA will support: one or many clinical viewing applications, a standards based environment, storage virtualization strategies, robust business continuity deployments and virtual environments. See the definition courtesy of ACUO Technologies.

Virtual Lifetime Electronic Record (VLER)

The VLER initiative launched following President Obama’s April 9, 2009 direction to the Department of Defense (DoD) and the Department of Veterans Affairs (VA) to create a unified lifetime electronic health record for members of the U.S. Armed Services. VLER will contain both administrative (i.e. personnel and benefits) and medical information for Service members and Veterans. VLER will provide access to information from day one of a Service member’s military career through transition to Veteran status and beyond.

X

X12

X12 provides for electronic exchange of business transactions-electronic data interchange (EDI). The American National Standards Institute (ANSI) chartered the Accredited Standards Committee (ASC) X12 to develop uniform standards.

XDM – Cross-enterprise Document Media Interchange

What it’s used for: According to IHE, XDM transfers documents and metadata using CDs, USB memory or email attachments. This profile supports environments with minimal capabilities in terms of using Web Services and generating detailed metadata. This standard is utilized by the Direct Project.

Example: Using secure e-mail, a physician e-mails the patient’s CCD to the patient’s Microsoft Healthvault e-mail account for uploading to the patient’s online PHR.

XDR – Cross-enterprise Document Reliable Interchange

What it’s used for: The exchange of health documents between health enterprises using a web-based, point-to-point push network communication, permitting direct interchange between EHRs, PHRs and other systems without the need for a document repository.

Example: A nurse at Hospital A enters a patient’s information in the local EHR, and then sends the CCD directly to Hospital B’s system.

XDS.b – Cross-enterprise Document Sharing

What it’s used for: The sharing of documents between any health care enterprise, ranging from a private physician office to a clinic to an acute care in-patient facility, through a common registry. Medical documents can be stored, registered, found and accessed.

Example:

Hospital A has a document to store. Hospital A creates a description and metadata for the document and submits it to the HIE Repository.
The HIE Repository accepts the document with metadata. It stores the document and forwards the metadata to the HIE Registry.
The HIE Registry receives a query from Hospital B and identifies the document as a match based on the metadata.
Hospital B retrieves the document from the HIE Repository.

XDS-I.b – Cross-enterprise Document Sharing for Imaging

What it’s used for: The sharing of images, diagnostic reports and related information through a commonregistry.

Example: A radiologist accesses the local HIE, in a similar manner as for XDS.b, to find a MR report conducted and uploaded to the HIE at Hospital A.

back to the top

Z

Share and Enjoy:

Health Information Exchange

Glossary

Health Information Exchange Glossary

A | B | C | D | E | F | G | H | I | J | K | L | M| N | O | P | Q | R | S | T | U | V | W | X | Y | Z

A

Abstract Model

Accountable Care Organization

Administrative Safeguards

AHCA

AHRQ

ANSI (American National Standards Institute)

Architecture

ASP (Application Service Provider)

ARRA

ASTM (American Society for Testing and Materials)

Asymmetric Key System

Attribute

Audit Trail

Authentication

Authorization

B

BAA

Business Associate AgreementBeacon Community

Biometric Authentication Technology

BioSense Initiative

Biosurveillance

Blue Button

Bundled payments

C

CCHIT – Certification Commission for Healthcare IT

CCOW – Clinical Context Object Workgroup

CDR – Clinical Document Repository

CCD – Continuity of Care Document

CCR – Continuity of Care Record

CDA – Clinical Document Architecture

CDSS

CHPL – Certified Health IT Product List

Certification Authority (CA)

Certification criteria

Certification/Conformance Testing

Clinical Classification

Clinical Data Repository

Clinical Messaging

Clinical Reminders (Clinical Guideline Prompts)

Clinical User Authentication

CMS

Common Control

Common Ownership

Compliance Date

Computerized Provider Order Entry (CPOE)

Confidentiality

Conformance Checking

CONNECT

Controlled Clinical Vocabulary

Conversion Services

Covered Entity

Covered Functions

Critical Access Hospital

D

Data Aggregation

Data Center

Data Integrity

Data Recovery Services

Decision Support

Decryption

DICOM – Digital Imaging and Communications in Medicine

Digital certificate

Digital Signature

Direct Address

Direct Message

Direct Project

Direct Treatment Relationship

Disclosure

Doctor Matching

Document Review, Edit, Sign

DURSA

E

Electronic Billing Support

EDI – Electronic Data Interchange

EHR – Electronic Health Record

Business Associate Agreement
Beacon Community